Help with VPN config (attached)

Unanswered Question
Feb 3rd, 2009
User Badges:

Hi,


I have this working config from a Cisco 877 DSL router (remote office) which is in VPN mode connected to a Cisco ASA (HQ with servers).


Now users can conenct to all the servers at the HQ, but their internet access also goes of the VPN, how can I split the traffic so all requests to our HQ servers goes over the VPN and all Internet requests go on through the local DSL of the router?





Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Ivan Martinon Tue, 02/03/2009 - 16:57
User Badges:
  • Cisco Employee,

If the config that you pasted here is from one of those 877 remote offices then to "split" the internet traffic from the corporate traffic, you need to change your match address 110 from:


access-list 101 permit ip 172.19.19.0 0.0.0.255 any


To


access-list 101 permit ip 172.19.19.0 0.0.0.255


Having the match address 101 with the destination as any, will make internet traffic to be part of that ANY keyword.

Actions

This Discussion